For assurance of users, devices and applications, AscendID

Strong and secure authentication for identity verification to protect your devices, users and applications from harm. Our innovative cloud based solutions adapt to changing regulations, from PCI to GDPR and much more.

Take a Free Trial

Fraud is part

Fraud is part of a significant increase in cybercrime. Criminals are becoming more sophisticated, exploiting passwords and lapses in security that so many businesses unwittingly present. AscendID provides assurance to security and service. Our innovative product suite helps you to tackle the security and regulatory challenges you face in an increasingly data-driven world. All while protecting the integrity of the experience.

of the experience

Register for a free trial

Test drive our assured access for 30 days, complete with mobile tokens and template-based integrations. With identity-as-a-service, you can offer trusted access and single sign-on without incurring additional overheads.

Register
 

With over 30 years’ experience supporting contact centres as IPI, we spotted the need for a complete protection proposition. Go-to experts who can shield you from the ever-growing risk of cybercrime and identity fraud.

We created AscendID to be exactly that. And the benefits of our innovative solutions go far beyond just security and compliance. We provide security and compliance solutions to protect your organisation and customers from harm, and our innovative cloud based solutions adapt to changing regulations, from PCI to GDPR and much more; to a changing world.

Joe Prentis, CEO

Learn more

Our Clients

Our Partners

Qualys

Qualys

The leading provider of information security and compliance cloud solutions.

Check Point

Check Point

Check Point offers a complete security architecture defending enterprises' networks to mobile devices, in addition to the most comprehensive and intuitive security management.

Vasco

Vasco

A global leader in trusted security with two-factor authentication, transaction data signing, document e-signature and identity management solutions designed for all businesses and government agencies.

Sophos

Sophos

Sophos develops products for communication endpoint, encryption, network security, email security, mobile security and unified threat management.

Microsoft

Microsoft

As a Microsoft Gold Certified Partner, we are among the most highly accredited independent technical support providers.

VMware

VMware

We are a VMware Professional Solutions Provider.

LogRhythm

LogRhythm

A leader in Threat Lifecycle Management, empowers organizations around the globe to rapidly detect, respond to and neutralize damaging cyberthreats.

Gemalto

Gemalto

Gemalto enables its clients to offer trusted digital services for billions of individuals and things.

Resources

  • Insights
  • Case Studies
  • Blog
  • Events
  • Videos
  • News
IPI Logo

Datasheet

The intent of multi-factor authentication (MFA) is to provide a higher degree of assurance of the identity of the individual attempting to access a resource, such as physical location, computing device, network or a database. MFA creates a multi-layered mechanism that an unauthorised user would have to defeat in order to gain access.

This document describes the industry-accepted principles and best practices associated with multi-factor authentication. The guidance in this document is intended for any organisation evaluating, implementing, or
upgrading a MFA solution, as well as providers of MFA solutions.

MFA Guidance from PCI Security Standards Council

IPI Logo

Whitepaper

Take the appropriate measures to comply with the General Data Protection Regulation (GDPR). ENISA’s recommendation includes two-factor authentication and mobile application security as technical measures in high-risk situations.  Learn more and read a recently published study from ENISA — the European Union Agency for Network and Information Security which advises member states and private sector organisations in implementing EU legislation, and the GDPR.

IPI Logo

Whitepaper

Phishing is one of the most common threats hitting organisations. This guide details the problems around phishing, how it works, and how to leverage AscendID as a solution.

IPI Logo

Infographic

A cloud based secure 2-Factor Authentication service providing global instant authentication from a flexible range of tokens.

IPI Logo

Infographic

AscendID tokens come in many formats to easily fit various requirements, find out more about our tokens in our infographic.

IPI Logo

Infographic

On-premise vs. Cloud-based authentication solutions.

Reduce your total cost of ownership with our up-front subscription model. Our cloud-based multi-factor authentication token requires no hardware appliances and no upkeep costs.

Flexible multi-factor authentication methods and a self-service portal means less administrative and helpdesk issues.

IPI Logo

Whitepaper

The Total Cost of Operation of On-premise vs. Cloud-based Authentication

Many organisations rarely look closely at the Total Cost of Operation of their authentication solution and instead make a decision heavily driven by the up-front purchase price.

IPI Logo

Datasheet

Two Factor Authentication.

Secure, Simple, Unified.

It can be a challenge to protect your organisation’s confidential information and infrastructure yet enable authorised users to access all the resources they need, no matter where or when. Two-factor, authentication cloud service from AscendID can satisfy your compliance demands.

IPI Logo

March 15, 2018

Ask any security expert how you should protect your employees against hackers, and one of the first things they’ll tell you is to setup two-factor or multifactor authentication (2FA/MFA) for your online services and business applications.

And they’re right.

2FA/MFA will protect your business’s sensitive data and resources against a host of cyberattacks and security incidents, including phishing scams, data breaches, man-in-the-middle attacks and more.

However, what most experts won’t tell you about is the costs involved in transitioning your organisation to 2FA/MFA. In many cases, organisations abandon their solutions because they can’t handle the technical, administrative and financial overhead they incur from deploying 2FA/MFA. Here is what you need to know.

MFA Hardware and logistics costs

Some MFA solutions such as security keys require specialised hardware. This means your organisation must pay to acquire and import the hardware and have the proper procurement channels and processes for quick replacements and new employees. You’ll also need the in-house expertise to maintain and update the hardware. This means you’ll have to hire experts, pay for education, or outsource the task to the manufacturer of the devices, all of which will incur more costs for your organisation.

IT Helpdesk costs

Most MFA solutions have a usability tradeoff. They’re not very easy to use, the main reason why many users become disenchanted and default to less secure alternatives. A lot of your employees will struggle to learn and get used to the MFA technology you adopt. Some will lose their keys. Others will get locked out of their accounts. You’ll need to allocate resources to support your employees in using their secured accounts. This includes setting up the right helpdesk software and hiring support personnel to tend to the needs of your employees.

Setting up 2FA/MFA is meant to make sure you have business continuity. Not setting up and paying for a helpdesk solution for your two factor authentication or multi factor authentication technology will turn it into a self-defeating goal because it will result in employee downtime, which will in turn cause your business performance to suffer.

Most MFA services use passwords which have a high total cost of ownership (TCO), facilitating password policies and resting requires a helpdesk which has its own cost in employee hours and the more complicated the password policy is the more maintenance is needed.

Password costs won’t go away

Let’s not forget that 2FA/MFA is tacked on your password infrastructure, not replacing it, which means none of the above costs will eliminate what you’re already paying for. You’re still responsible for keeping the passwords of your organisation secure. This means using the right encryption tools and enforcing strong password policies on your employees. You must also employ the security solutions to protect your password data stores against hacks and data breaches.

The AscendID solution

AscendID provides an authentication solution that minimises the costs of ownership and provides the best security for your organisation without causing friction in the user experience. From your organisation’s perspective, this means deploying the solution will eliminate the costs of associated with password based authentication. These include storing, encrypting and protecting passwords. Additionally, according to Forrester Research, Gartner, and HDI, costs of the average call to technical support for a password reset range from $17 to $25. The fact that an estimated one in four helpdesk calls are password related, means eliminating password management will translate into substantial savings even for small organisations. From your employees’ perspectives, password-less authentication means a friendlier user experience. This will in turn result in less employee confusion and lower support costs.

AscendID uses a mobile app which can be installed on employees’ personal or work phones. This means it will not require additional hardware costs. Meanwhile, while the app’s use is intuitive, under the hood it uses several different security mechanisms to prevent man-in-the-middle, spoofing, phishing and other kinds of attacks that other MFA solutions protect against.

Learn more about AscendID here.

IPI Logo

March 12, 2018

Rather than having to implement on-site servers and spend time integrating applications within the network, authentication-as-a-service is an increasingly viable way to deploy authentication.

The pervasiveness of remote access to the internet, web- based applications and cloud-based applications has enabled our business and personal lives to be transformed to the point where we can live in a 24×7 online world. The transition to software-as-a-service in particular (Saas) is transforming the way that IT departments work and the investments that need to be made.

This technology is now also used to make authentication more affordable, easier to manage and easier to implement. Rather than having to implement on-site servers and spend time integrating applications within the network, authentication-as-a-service is an increasingly viable way to deploy authentication.

Deploying strong authentication using a cloud-based service is applicable to organisations of all sizes: large enterprises are using it to replace older, more traditional server-based approaches; mid-tier organisations are using it as an alternative to having a service provider manage their authentication server; SMBs are using it because it delivers an affordability and ease-of-implementation that was never previously available.

There are many drivers for organisations to consider using cloud-based services, regardless of their size. Cost reduction is a primary consideration, followed closed by ease-of-implementation, reduced administration and management, high availability and flexible pricing options. These benefits of cloud-based applications and software-as-a-service are broadly recognised – and are fully applicable to authentication-as-a-service.

See our white paper to help you assess the true cost of authentication for your organisation.

IPI Logo

March 8, 2018

The smartphone has become indispensable. According to Deloitte’s latest Global Mobile Consumer Trends1 report, a survey of 17 developed countries found that one in five consumers checks their phone >50 times a day.

The explosive adoption of mobile apps and devices is changing how banks authenticate customers in the digital world. One trend we expect to continue into 2018 and beyond, is the drive to upgrade customer authentication technology from hardware to software tokens.

Software Tokens: Adoption Best Practices

If you have used OTP hardware tokens for years, introducing software tokens would ensure strong security coupled with a faster, easier user experience. (Prior to software authentication, customers had to remember multiple passwords; forgotten passwords blocked customers from transacting and required a reset by the helpdesk.)

Survey your customers
Survey customers’ readiness to accept software tokens. Research may show that most customers actually want both. Customers want the convenience of using their mobile device, knowing that if something goes wrong (e.g., lost phone, dead battery, etc.) they have a hardware backup. Mobile-first customers will inevitably be interested in software tokens, but not everyone may want to use their smartphone as an authentication method.

Barriers to adoption include:

  1. Lack of familiarity with, and therefore trust in, software tokens.
  2. Concerns about having too many apps already (not wanting to run out of space on the phone).
  3. Concerns about loss or theft of the phone.

Communication
A hybrid hardware and software authentication system can be the key. Customers are resistant to change, but once they try mobile authentication,
they are very satisfied and stay with it. That’s why communication is so important. You have to convince customers to try it.

Not surprisingly, the way you explain a new authentication method to customers directly influences adoption. First promote the software token, presenting the hardware option only if the customer does not have a smartphone. By promoting the mobile authentication option first, some organisations saw 62% of the first wave of migrated customers activate the soft token.

Customer Satisfaction
One of the most noticeable benefits organisations saw was the level of customer satisfaction among those who tried the software token. Overall, the majority of customers did not have any trouble understanding software authentication, and were very happy it was introduced. They found the information on the website, read it, and were able to activate and start using it without any helpdesk support.

IPI Logo

March 2, 2018

According to a recent survey by Accenture, banks experience 85 attempted breaches on average each year. More than a third are successful in stealing sensitive information. Each successful attack made headlines each time hackers successfully targeted large institutions and their customers.

Here are 8 top security, technology and industry experts who shared their predictions for 2018, along with their thoughts on the technologies of choice critical to building digital trust and long-term loyalty.

Mobile App Security

Frederik Mennes, Senior Manager Market & Security Strategy, Security Competence CenterFrederik Mennes, Senior Manager Market & Security Strategy, Security Competence Center
“In 2018, mobile platforms will be the biggest attack platform. We will see an increase in mobile banking attacks next year — because more banks are providing mobile banking apps, and there is a shift by users from PC online banking to mobile banking. One of the biggest threats against mobile are overlay attacks, especially in the U.S. and Europe. In the past, these attacks were only spotted in Russia, but we’ve seen the first examples in Europe and the U.S. and we expect there will be more next year. Overlay attacks are a type of malware that also takes advantage of the user, who has to enter their credentials into the overlay window. The combination of malware detection and Runtime-Application Self Protection is the strongest way to protect mobile applications today.”

Will LaSala, Director, Security Solutions, Security EvangelistWill LaSala, Director, Security Solutions, Security Evangelist
“In 2018, the mobile platform will be hit hard. The recent news of the WiFi WPA vulnerability and the potential for attacks is greatest on the fractured versioning system of the Android device space. Along with this attack, the rise in social engineering with mobile application repackaging and app distribution is on the verge of explosion.  Combine these monster holes with where the mobile app industry is headed, businesses should be aware and take extra precautions this year to secure their mobile offerings.”

Fraud Prevention — Banking

John Gunn, CMOJohn Gunn, CMO
“2018 will be an exciting time as we will see new defenses and technologies paving the way to mitigate fraud and risk. However, research is finding banks are still falling further behind as they try to keep pace with today’s fraud schemes. It’s time to turn to new solutions based on AI and machine learning that speed up the ability to detect fraud, enabling banks to not only keep up but get ahead on reducing the losses to fraud and defending against attacks.”

David Vergara, Director of Security Product MarketingDavid Vergara, Director of Security Product Marketing
“The banking world is facing increasingly intricate fraud schemes. As a result, banks will deploy more sophisticated solutions that combine risk analysis with machine learning, authentication, mobile security and orchestration to dynamically and in real time, apply the proper level of security for each unique transaction based on a risk score. Banks will also demand that these solutions provide simple integrations with a variety of fraud tools/platforms to ensure future requirements are easily incorporated. ”

Regulation

Matthias Valcke, Director Business Solution & Market DevelopmentMatthias Valcke, Director Business Solution & Market Development
“Last year’s increase in overlay attacks in mobile banking applications coupled with the upcoming PSD2 regulation will this year force banks to add further security functionality to their apps. Additional security measures like Runtime Application Self-Protection and other frictionless methods of protection like behavioral biometrics will likely be the solutions of choice.”

E-Signature

Rahim Kaba, Director of Product Marketing, E-SignatureRahim Kaba, Director of Product Marketing, E-Signature
“Whether you are signing a contract or agreement or opening a new account, the underlying digital transaction (including data, documents and signatures) needs to be trusted and secure across every channel. As a result, enterprises are looking to more advanced authentication options to validate the identity of participants in a digital transaction. They want to ensure there are adequate security features built-in, particularly for their higher volume, B2C online and mobile channels. The key is to take a balanced approach — inspiring consumer confidence without adding inconvenience.”

Machine Learning/Artificial Intelligence

Romans Bonbinkovs, Business Consultant Fraud DetectionRomans Bonbinkovs, Business Consultant Fraud Detection
“We’ve entered the age of artificial intelligence, machine learning and robotics. In 2018, we will see malicious software with AI capabilities, more automated attacks and more intelligent (spear) phishing campaigns. With the help of machine learning, fraudsters will be able to scan the web in an automated way, requiring little or no human intervention and fewer resources to create more devastating attacks.”

Blockchain

Giovanni Verhaeghe, Director Market & Product StrategyGiovanni Verhaeghe, Director Market & Product Strategy
“Blockchain is changing the game in the financial services industry by adding transparency, speeding up and simplifying processes, while also reducing costs significantly. Blockchain and distributed ledger technologies will be an important new technology implementation and will continue to have a big impact as people demand more control of their identities and access to their personal information. A ledger doesn’t have any notion of how an identity is stored, but adding identity and credentials to the distributed ledger makes something anonymous when it previously was not.”

To learn how leaders in the banking and security industries are safeguarding against fraud in 2018, download the Faces of Fraud Survey by ISMG here.

IPI Logo

February 27, 2018

Our partner Vasco, has seen an increase in the number of inquiries from banks on best practices for migrating from hardware to software authentication. To answer these questions, Vasco interviewed a bank that recently made the transition. One of the bank’s top learnings was that successfully switching customers to a new authentication method has as much to do with managing change and driving adoption, as it does with choosing the right technology.

If you are considering migrating your customers to soft tokens, here are four important lessons this bank shared:

  1. Survey customers to validate their readiness to accept software authentication. Survey responses will help identify any resistance to the new authentication method, and will help you prepare accordingly.
  2. Tailor your customer communications. Not all customers are tech savvy. Segmenting and customising communications to different user groups will increase adoption. As an example, adapt your messaging and communicate differently to slow adopters vs. mobile-first customers.
  3. Produce short explainer videos. Many customers prefer to watch a video rather than read the information on your website or client portal. Use short videos to explain the value (why authenticate through a mobile app on your phone instead of your OTP hardware) and demonstrate how it works.
  4. Scale the helpdesk. A small percentage of customers will need the most support. Plan accordingly to ensure a smooth transition for those customers, as well as your helpdesk staff.

In the full case study, this bank explains that while their mobile-first customers were interested in software tokens, not everyone wanted to use their smartphone as an authentication method. In fact, the bank had to overcome three barriers to adoption:

  1. Lack of familiarity with, and therefore trust in, software tokens.
  2. Concerns about having too many apps already (not wanting to run out of space on the phone).
  3. Concerns about loss or theft of the phone.

As a result, the bank decided to move forward with a hybrid hardware and software authentication system — while designing their customer communications to promote the software option.

IPI Logo

February 23, 2018

To learn how leaders in the banking and security industries are safeguarding against fraud in 2018, download the Faces of Fraud Survey by ISMG here.

The 2017 Faces of Fraud Survey, is a 27-page report that documents how leaders in the banking and security industries are preparing for fraud. Roughly 250 banking/security leaders participated in this survey, which was conducted to determine:

  • The top forms of fraud afflicting financial organisations in 2017
  • The biggest gaps in organisations’ efforts to detect and prevent fraud
  • What organisations are doing to counter the surge in mobile exploits

Information Security Media Group (ISMG)

IPI Logo

February 19, 2018

It was virtually impossible to ignore the high-profile attacks and data breaches that dominated headlines in 2017, which saw a rise in cyber threats to critical infrastructure, including the UK’s National Health Service (NHS), and had a significant physical impact on business operations, the energy and utility sectors, public transportation and more. When it comes to an attack on critical infrastructure, no organisation is immune from the potentially paralysing effects.

By applying lessons learned from the past year and with greater understanding and preparation, organisations can better mitigate risks and proactively combat future threats.

Prediction #1:  Natural Disaster

How to Prepare: Develop a Business Continuity Plan
Businesses should take precautionary measures by implementing a continuity plan detailing how to stay up and running through interruptions of any kind: power failures, IT system crashes, natural disasters, supply chain problems and more. And, both public and private sector organisations must communicate regularly with government entities to identify vulnerabilities and potential threats.

Prediction #2: Costly Fines for Failing to be GDPR Compliant

The EU’s General Data Protection Regulation (GDPR) sets more consistent data protection standards and outlines strict requirements for processing, storing and securing personal data of EU citizens. Any business anywhere in the world that handles data on EU residents must abide by these rules.

How to Prepare: Be Safe, Not Sorry
As the May 25, 2018 deadline for GDPR approaches, companies should focus on evaluating and optimising data collection, monitoring, and security policies to stay compliant. A good place to start is this checklist from the U.K. Information Commissioner’s Office, highlighting 12, clearly-defined steps you can start taking now to prepare and help keep your organisation from suffering potentially debilitating fines. 

Prediction #3: Growing Global Tensions and Increased State-Sponsored Cyberattacks

Throughout the past year, we’ve seen more details surrounding state-sponsored attempts to influence elections or disrupt foreign governments. In 2018, we could see an increase of hostile nations employing a combination of digital tactics – from infiltrating computers to destroying files with malware or ransomware and distributing false information through social media platforms.

How to Prepare: Implement Multi-Factor Password Authentication
The Private Sector especially can help protect themselves by enhancing prevention efforts and by being equipped to prevent attacks. It’s more important than ever for data breach prevention plans to be developed from a global perspective and with strategies that transcend borders.

AscendID can help.

IPI Logo

February 14, 2018

The UK Public Sector is desperately trying to catch up to the 21st century and must move to the cloud and mobile, quickly. The implications of this are:

  1. Public Sector will ultimately move away from the data center business. Everything will be “cloud.” Cost, simplicity and missions will require this change – sooner rather than later.
  2. Mobile will consume the desktop whole – iOS, Android, Windows 10… all popular mobile OSes.
  3. Items 1 and 2 will eliminate any need for a traditional ‘perimeter.’

The security model we all grew up on (VPNs, firewalls, etc.) struggles to keep up with this “cloud-first,” “always-connected” world we find ourselves in.  To this end, SSL has always been the most successful example as it is easy to deploy and doesn’t require the end user to jump through hoops in order to use it.

Second, mobile begets cloud and cloud begets mobile. This self-propagating “ecosystem” has brought power to app developers in the commercial world – agility, speed to market, whatever. This trend started in the consumer world and has brought this exact same power to the enterprise over the past many years. Public sector agencies are just now starting to realise some of these “powers” and need help to keep up.

AscendID can assist the government in protecting its move to cloud and to help public sector agencies as they contemplate a move to a modern security model.  See we have already helped one local UK council.

IPI Logo

February 10, 2018

As employees demand more flexibility in the workplace with the likes of Bring-your-own-device (BYOD), security policies may not be scratch, according to a survey of more than 200 IT and security professionals at the Gartner Symposium conference.

Data protection firm Bitglass conducted the survey as part of its BYOD and Identity research report. It found that 25% of organisations lack some form of multi-factor authentication when securing BYOD.

“Enterprises often misjudge the effectiveness of traditional security solutions, many of which are readily bypassed,” says Bitglass CEO Rich Campagna.

The company says that several high profile data breaches in recent months were caused by compromised passwords that were used to control access, as well as single-factor authentication. Because of challenges like these, organisations have turned to identity management.

“The BYOD boom exposes organisations to risks that can only be mitigated with next-gen, data-centric solutions that secure access,” Campagna continues.

 

While passwords, PINS and fingerprint recognition are standard and familiar to enterprises, respondents were polled about their top security concerns. External sharing was the leading concern (45%), followed by malware protection (40%) and unmanaged device access (40%).

These statistics indicate that organisations are doubling down on protecting data beyond the corporate network.

In another study, Bitglass also shared that 44% of scanned organisations had some form of malware in at least one of their cloud applications.

Microsoft OneDrive was most vulnerable with a 55% infection rate, while Google Drive, Dropbox and Box were not too far behind.

“Most cloud providers do not provide any malware protection and those that do struggle to detect zero-day threats. Only an AI-based solution that evolves to detect new malware and ransomware can keep cloud data secure,” commented Bitglass VP of product management Mike Schuricht at the time.

“Malware will always be a threat to the enterprise and cloud applications are an increasingly attractive distribution mechanism.”

IPI Logo

February 6, 2018

It is widely known that a large percentage of hacking related breaches leveraged stolen and/or weak passwords.  This instigated the adoption of two-factor authentication (2FA) as a security solution that can mitigate the risk of a data breach and can be deployed everywhere to protect your users and information systems.

Legacy 2FA solutions however, that are well-known in the security arena, haven’t been able to scale with the fast pace of modern computing environments and can introduce security risks and coverage gaps within your organisation.

Many of the common 2FA providers haven’t evolved to keep the pace, and a many companies are opting to switch to more current, relevant security providers who offer a multi-factor authentication approach – not just to meet today’s needs, but the ever evolving needs of the future.

That’s why we are seeing more companies enquire about our strong and secure authentication for identity verification to protect your devices, users and applications from harm. Our innovative cloud based solutions adapt to changing regulations, from PCI to GDPR and much more.

Try a Free Trial of AscendID today – so that you are secure for tomorrow.

 

IPI Logo

February 2, 2018

How companies go about detecting automated software and threats in cyberspace has a lot to do with their potential to fall victim to these scams.  Be aware of the latest threats and employ multi-factor authentication to protect your data, systems, devices and company reputation.

#1 — Ransomware

One of the biggest ongoing concerns and threats to our digital existences has been the proliferation and exponential rise of ransomware. You know, the type of thing that locks you out of your computer with an impending countdown that signals the digital death of your entire virtual existence. As it counts down, threatening to encrypt every last shred of data, you realize the peril that digital criminals can inflict on their unassuming victims.

#2 — Phishing schemes

A large majority of people get caught up in phishing schemes. Phishing schemes are engineered to get you to click on things and oftentimes they seem harmless. Simply click on a link and it will go to some URL. That’s it. However, as harmless as they seem, phishing schemes can lead to to a number of major online security breaches if you’re not careful. By paying close attention to what you’re clicking on, you’ll better be able to mitigate these types of attacks.

#3 — Man-in-the-middle (MIIM) attacks

One of the most sophisticated threats that exist online are man-in-the-middle attacks. I’ve seen these threats firsthand and know just how malicious they can be. Everything seems okay all the way to the final point of entry (even when using 2-factor authentication). This malware sits on your computer and waits until you’ve entered in all your credentials, then it actually swaps out the server that receives the communication and even communicates back to you.

#4 — Ad fraud

Online ad fraud is far more widespread than anyone could possibly imagine. This is likely one of the biggest cyber-threats that seems to go under the proverbial radar. Few people know that they’ve been scammed by sophisticated ad fraud systems after it’s occurred. Publishers simply see views increasing and most ad platforms don’t provide high specifics as far as direct views on every single ad impression or click, leaving most people in the dark.

#5 — Social media schemes 

Instagram (IG) money-flipping schemes and many others social media scams have surfaced in recent years. Considering that IG is one of the most popular social media platforms in the world, it’s no wonder that unscrupulous cybercriminals are targeting individuals who are in desperate situations, looking to make a few hundred or a few thousand dollars quickly. These IG money-flipping schemes have become so widespread that the company can only take down 1 money-flipping scam for ever 3 that are being created.

#6 — Bitcoin scams

Bitcoin scams have been on the rise recently, especially since the cryptocurrency leaves little in the way of traceable information and unlike with the banking sector, the transactions are irreversible. For those particular reasons alone, cybercriminals have been flocking to the Bitcoin platform. In fact, a large part of their criminal activity is dealt with in Bitcoins for a great majority of their malware attacks that include ransomware and other hacking initiatives.

#7 — Social engineering

Social engineering isn’t a new threat. In fact, criminals have been using social engineering hacks in person for ages now. However, when it comes to fraud and other crimes occurring online, this threat is certainly on the rise. With the layer of anonymity that the internet affords, it’s no wonder that social engineering works so well in this medium. Most aren’t that careful about who they interact with or what type of information that they give out or expose online.

#8 — Targeting employees to compromise corporate networks

Another major online threat involves directly targeting employees to compromise corporate networks. Since some employees act as the gatekeepers into their corporate networks, there’s no surprise that this is on the rise. For example, a large part of the wire fraud that occurs happens because cybercriminals successfully target the right employees to compromise the company’s corporate network, allowing them almost unfettered access and approval to steal millions of dollars with ease.

#9 — Tracking movements for physical targeting

One massive online threat that exists, which can also help put your physical safety into peril, is the tracking of movements through social media and other channels. For consumers, this is an enormous risk, especially for those individuals that aptly portray a lavish lifestyle, traveling around the world. When cybercriminals know that you aren’t home, it’s simple for them to break into your home and steal your belongings.

#10 — Customer service interception

One of the gatekeepers to any company are their customer service representatives. They are one of the most proliferous category of employees who are interfacing with the clients on a daily basis. However, as skilled as they might be at their jobs, they are often unaware of the online threats that most cybercriminals pose when interacting through a number of mediums. In fact, cybercriminals are known to replicate profiles and post throughout social media to draw attention to unassuming individuals.

Not only is this bad financially speaking, but it’s also bad for a company’s reputation. When a customer is angry, they often don’t care whether they were speaking to an imposter or the actual company’s representative themselves. At that point, it’s usually too late to put out the fire. If you’re a business and you’re serious about your company’s online security through social media channels, it’s important to invest in a platform to help you mitigate such attacks.

IPI Logo

January 29, 2018

Which method is ‘better’ depends on what other factors (no pun intended), in addition to security, you are considering, such as cost, convenience and complexity.

Two-factor authentication typically involves a password/username combo along with a unique device such as a security token or a unique code that is sent to a phone paired with the account. The former can provide relatively secure authentication (unless of course the token is in the laptop bag that was stolen and the password is taped onto the bottom of the laptop), however, both authentication methods can potentially be circumvented.

Multi-factor authentication is more complex, yet potentially more secure than two-factor, usually requiring additional verification such as biometrics to include voice, retina or fingerprint recognition, etc., which is harder for an attacker to bypass. Depending on the nature of the organization (i.e. maintains critical infrastructure), the risk could outweigh the cost and multi-factor authentication may be preferred.

It’s important to remember though, that with any new solution that enters the security market, attackers are going to attempt to find the holes. There are also other challenges to consider with biometrics. For instance, biometrics cannot be re-credentialed. The database containing this highly sensitive information would be lucrative and high-profile target for attackers. Strong database security and data encryption would be of the utmost importance.

IPI Logo

May 3, 2018

During an annual review in 2017, the National Cyber Security Centre reported 1,131 cyber incidents of which 590 were classed as “significant”. Since the inception of the NCSC, it has utilised government investment to strengthen the national digital infrastructure of the country and improve our public sector digital defences. However, with cyber threats constantly changing, there is still a lot of work to be done to ensure our vital public services can withstand a serious attack, and also stay one step ahead of the criminals responsible.

Join us for the Public Sector Cyber Security Conference where leading experts will explain how to protect the vital services provided by central Government, local councils and the NHS. Learn how to safeguard sensitive data, such as medical records, keep IT systems safe from cyber-attacks, and ensure staff are up-to-date with how they can effectively protect and guard the digital interests of their organisation.

 

No news stories to display...

Change your tomorrow, today.
Get in touch.